JigSaw Ransomware: How to decrypt your encrypted data

A new kind of ransomware has emerged on the scene recently, which has been encrypting users data. If the user fails to meet the demands of attackers within 24 hour deadline, then their data will be deleted. Jigsaw is considered a big threat for corporations; because it will leave them empty handed if they fail to meet criminals demand. The attackers are demanding around $150 to release the encrypted data.

This breed of ransomware was first discovered by Jasen Sumalapao, a security researcher at Trend Micro. He described in a blogpost that; "Recent crypto-ransomware families have ransom amounts that grow as time passes, but not with the same increments as JIGSAW. To make matters worse, it deletes a larger amount of files with every hour while the amount to be paid also increases,”.
Jasen further described; "And with the exponential increase of files being permanently deleted, users may be pressured into paying the ransom so they may either save the remaining files, or avoid paying a larger ransom.”.

Jigsaw has been rated as the most vicious ransomware leaving Locky ( an equally threatening ransomware) behind. Jigsaw has been forcing the organizations to meet the attackers demand by leaving them with no time to look at the backups.

How to retrieve your data for FREE

In order to decrypt your data you need to follow the following steps:

Step 1: To stop any further files from delectation close the firefox.exe and drpbx.exe process from task manager.

Step 2: Now user should run MSConfig and disable the start up entry called firefox.exe that points to the %UserProfile%\AppData\Roaming\Frfx\firefox.exe executable.